Skip to main content

Facebook founds report service to crack down on phishing scams

Has someone tried to dupe you into revealing your Facebook log-in credentials with a phishing email? If so, Facebook wants to know.

The social network today announced that it has set up an email account that will accept user reports of phishing attempts. Going forward, users can forward any suspect emails to

Phishing emails look as though they are from legitimate sources, like Facebook. They might claim that your account has been compromised and request that you verify your data by clicking on a link and entering a username and password. But the emails are scams and serve only to steal your data. Legitimate company emails will never ask you to click a link and enter your personal information.

"By providing Facebook with reports, we can investigate and request for browser blacklisting and site takedowns where appropriate," Facebook said on its security page. "We will then work with our eCrime team to ensure we hold bad actors accountable. Additionally, in some cases, we'll be able to identify victims, and secure their accounts."

Facebook said the new email will complement existing internal systems the company already has in place for detecting phishing attacks.

"The internal systems notify our team, so we can gather information on the attack, take the phishing sites offline, and notify users," Facebook said. "Affected users will be prompted to change their password and provided education to better protect themselves in the future."

Facebook said incidents of phishing should be "rare," but "together we can help keep these sites off the web and hold the bad guys responsible."

Facebook has boosted security on a number of fronts in recent months, including a June update that was intended to make it easier to confirm logins, report unwanted content, and lock down your device in the event of a breach. Last month, there were reports that the social network also scans Facebook Chat for criminal activity.